#!/usr/bin/env bash

__Author__="liy"

# Common
export ROOT_DIR="$(pwd)"
export BASE_DOMAIN="example.com"

# Kubernetes
export CLUSTER_NAME="kubernetes"
export APISERVER_CLUSTER_IP="10.96.0.1"
export MASTER_NAME1="k8s-master01"
export MASTER_NAME2="k8s-master02"
export MASTER_NAME3="k8s-master03"

# Etcd
export NODE_IP01="172.20.1.31"
export NODE_IP02="172.20.1.32"
export NODE_IP03="172.20.1.33"
export NODE_NAME01="k8s-master01"
export NODE_NAME02="k8s-master02"
export NODE_NAME03="k8s-master03"



function openssl_req(){
    openssl genrsa -out ${1}/${2}.key 2048
    echo "Genrating ${1}/${2}.csr"
    openssl req -config openssl.conf -new -sha256 \
        -key ${1}/${2}.key -out ${1}/${2}.csr \
        -out ${1}/${2}.csr -subj "${3}"
}


function openssl_sign(){
    echo "Genrating ${3}/${4}.crt"
    openssl ca -batch -config openssl.conf -extensions $5 -days 3650 -notext \
        -md sha256 -in ${3}/${4}.csr -out ${3}/${4}.crt \
        -cert ${1} -keyfile ${2}
}


function clean(){
    rm -f $CERT_DIR/index*
    rm -f $CERT_DIR/100*
    rm -f $CERT_DIR/serial*
    find $CERT_DIR/ -name "*.csr" -delete 
}
